Section 22 of the AML/CFT Act requires reporting entities to conduct enhanced due diligence on clients where the level of risk involved is such that this higher standard of customer due diligence should apply.

Craigs admits that it breached the AML/CFT Act in that it failed to conduct adequate enhanced due diligence and/or failed to terminate its business relationship with a client when it had been unable to complete the required level of customer due diligence on that client.

In the FMA’s view, there were deficiencies with Craigs’ AML/CFT compliance programme following the introduction of the AML/CFT Act on 30 June 2013 in that it did not contain a cohesive process for escalating, monitoring and managing AML/CFT issues and ensuring compliance with the AML/CFT compliance programme and Craigs had not maintained sufficient written records in relation to the due diligence process.

The FMA acknowledges that since 2014 Craigs has taken steps to significantly improve its AML/CFT compliance programme and has also introduced a range of initiatives which will reduce the chances of similar breaches occurring in the future.

Craigs has also agreed to appoint an independent party to identify any further areas that may assist with the continued improvement of its AML/CFT compliance programme.